Project news

Call to Vote: 11 ballots for OASIS Standards from the Key Management Interoperability Protocol (#KMIP) TC open

The OASIS Key Management Interoperability Protocol (KMIP) TC members [1] have approved submitting the following 11 Candidate OASIS Standards, approved 03 February 2015, to the OASIS membership for voting for OASIS Standard:

Key Management Interoperability Protocol Specification Version 1.2

Key Management Interoperability Protocol Profiles Version 1.2

KMIP Additional Message Encodings Version 1.0

KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0

KMIP Symmetric Key Lifecycle Profile Version 1.0

KMIP Asymmetric Key Lifecycle Profile Version 1.0

KMIP Cryptographic Services Profile Version 1.0

KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0

KMIP Tape Library Profile Version 1.0

KMIP Suite B Profile Version 1.0

KMIP Opaque Managed Object Store Profile Version 1.0

This is a call to the primary or alternate representatives of OASIS Organizational Members to vote. This Committee Specification was approved by the Technical Committee and was submitted for the required 60-day public review [2]. All requirements of the OASIS TC Process having been met [3][4], the Candidate OASIS Standard is now submitted to the voting representatives of OASIS organizational members.

— Voting Details —

The ballots open 06 May 2015 at 00:00 UTC and close on 19 May 2015 at 23:59 UTC You can access the ballots to cast your votes at:

– Key Management Interoperability Protocol Specification Version 1.2
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2799
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2799

– Key Management Interoperability Protocol Profiles Version 1.2
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2800
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2800

– KMIP Additional Message Encodings Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2801
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2801

– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2802
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2802

– KMIP Symmetric Key Lifecycle Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2803
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2803

– KMIP Asymmetric Key Lifecycle Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2804
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2804

– KMIP Cryptographic Services Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2805
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2805

– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2806
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2806

– KMIP Tape Library Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2807
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2807

– KMIP Suite B Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2808
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2808

– KMIP Opaque Managed Object Store Profile Version 1.0
Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=2809
Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=2809

The minimum number of affirmative votes required to approve this ballot is 44 (15% of 289 organizational members).

Each OASIS organizational member has one vote. OASIS members should ensure that their organization’s voting representative votes according to the organization’s wishes. If you do not know the name of your organization’s voting representative is, go to the My Account page at

http://www.oasis-open.org/members/user_tools

then click the link for your Company (at the top of the page) and review the list of users for the name designated as “Primary”.

— Information about the Candidate OASIS Standard and the KMIP —

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices.

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

These documents are intended for developers and architects who wish to design systems and applications that interoperate using the Key Management Interoperability Protocol Specification.

– Key Management Interoperability Protocol Specification Version 1.2 provides the core specification.

– Key Management Interoperability Protocol Profiles Version 1.2 define a set of normative constraints for employing KMIP within a particular environment or context of use. They may, optionally, require the use of specific KMIP functionality or in other respects define the processing rules to be followed by profile actors.

– KMIP Additional Message Encodings Version 1.0 describes additional (optional) message encodings as an alternative to the (mandatory) raw TTLV encoding including: HTTP, JSON, and XML.

– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0 describes a profile for Storage Arrays with Self-Encrypting Drives as KMIP clients interacting with KMIP servers.

– KMIP Symmetric Key Lifecycle Profile Version 1.0 describes a profile for a KMIP server performing symmetric key lifecycle operations based on requests received from a KMIP client.

– KMIP Tape Library Profile Version 1.0 describes a profile for Tape Libraries as KMIP clients interacting with KMIP servers.

– KMIP Cryptographic Services Profile Version 1.0 describes the use of KMIP operations to support cryptographic services being performed by a KMIP server on behalf of a KMIP client for key management operations.

– KMIP Asymmetric Key Lifecycle Profile Version 1.0 describes a profile for a KMIP server performing asymmetric key lifecycle operations based on requests received from a KMIP client.

– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0 describes a profile for a KMIP server creating FIPS140-2 approved symmetric key algorithms based on requests received from a KMIP client.

– KMIP Opaque Managed Object Store Profile Version 1.0 describes a profile for a KMIP server performing opaque managed object storage operations based on requests received from a KMIP client.

– KMIP Suite B Profile Version 1.0 describes a profile for KMIP clients and KMIP servers using Suite B cryptography that has been approved by NIST for use by the U.S. Government and specified in NIST standards or recommendations.

Six Statements of Use were received from Cryptsoft, IBM, P6R, Fortenix, HP and Thales. Some of the COSs are addressed by a subset of the SoUs.

URIs
The prose specification document and related files are available here:

– Key Management Interoperability Protocol Specification Version 1.2

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/spec/v1.2/cos01/kmip-spec-v1.2-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/spec/v1.2/cos01/kmip-spec-v1.2-cos01.html

PDF:
http://docs.oasis-open.org/kmip/spec/v1.2/cos01/kmip-spec-v1.2-cos01.pdf

– Key Management Interoperability Protocol Profiles Version 1.2

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/profiles/v1.2/cos01/kmip-profiles-v1.2-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/profiles/v1.2/cos01/kmip-profiles-v1.2-cos01.html

PDF:
http://docs.oasis-open.org/kmip/profiles/v1.2/cos01/kmip-profiles-v1.2-cos01.pdf

– KMIP Additional Message Encodings Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/cos01/kmip-addtl-msg-enc-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/cos01/kmip-addtl-msg-enc-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/cos01/kmip-addtl-msg-enc-v1.0-cos01.pdf

– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/cos01/kmip-sa-sed-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/cos01/kmip-sa-sed-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/cos01/kmip-sa-sed-profile-v1.0-cos01.pdf

– KMIP Symmetric Key Lifecycle Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/cos01/kmip-sym-key-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/cos01/kmip-sym-key-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/cos01/kmip-sym-key-profile-v1.0-cos01.pdf

– KMIP Asymmetric Key Lifecycle Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/cos01/kmip-asym-key-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/cos01/kmip-asym-key-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/cos01/kmip-asym-key-profile-v1.0-cos01.pdf

– KMIP Cryptographic Services Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/cos01/kmip-cs-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/cos01/kmip-cs-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/cos01/kmip-cs-profile-v1.0-cos01.pdf

– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0

Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/cos01/kmip-sym-foundry-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/cos01/kmip-sym-foundry-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/cos01/kmip-sym-foundry-profile-v1.0-cos01.pdf

– KMIP Tape Library Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/cos01/kmip-tape-lib-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/cos01/kmip-tape-lib-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/cos01/kmip-tape-lib-profile-v1.0-cos01.pdf

– KMIP Suite B Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/cos01/kmip-suite-b-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/cos01/kmip-suite-b-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/cos01/kmip-suite-b-profile-v1.0-cos01.pdf

– KMIP Opaque Managed Object Store Profile Version 1.0

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/cos01/kmip-opaque-obj-profile-v1.0-cos01.doc

HTML:
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/cos01/kmip-opaque-obj-profile-v1.0-cos01.html

PDF:
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/cos01/kmip-opaque-obj-profile-v1.0-cos01.pdf

ZIP distribution file (complete):

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

– Key Management Interoperability Protocol Specification Version 1.2:
http://docs.oasis-open.org/kmip/spec/v1.2/cos01/kmip-spec-v1.2-cos01.zip

– Key Management Interoperability Protocol Profiles Version 1.2:
http://docs.oasis-open.org/kmip/profiles/v1.2/cos01/kmip-profiles-v1.2-cos01.zip

– KMIP Additional Message Encodings Version 1.0:
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/cos01/kmip-addtl-msg-enc-v1.0-cos01.zip

– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/cos01/kmip-sa-sed-profile-v1.0-cos01.zip

– KMIP Symmetric Key Lifecycle Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/cos01/kmip-sym-key-profile-v1.0-cos01.zip

– KMIP Asymmetric Key Lifecycle Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/cos01/kmip-asym-key-profile-v1.0-cos01.zip

– KMIP Cryptographic Services Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/cos01/kmip-cs-profile-v1.0-cos01.zip

– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/cos01/kmip-sym-foundry-profile-v1.0-cos01.zip

– KMIP Tape Library Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/cos01/kmip-tape-lib-profile-v1.0-cos01.zip

– KMIP Suite B Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/cos01/kmip-suite-b-profile-v1.0-cos01.zip

– KMIP Opaque Managed Object Store Profile Version 1.0:
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/cos01/kmip-opaque-obj-profile-v1.0-cos01.zip

— Additional information —

[1] Key Management Interoperability Protocol (KMIP) TC
https://www.oasis-open.org/committees/kmip/

TC Charter
https://www.oasis-open.org/committees/kmip/charter.php

[2] Public reviews:

– 30-day public review, 19 February 2014:
https://lists.oasis-open.org/archives/tc-announce/201402/msg00008.html
– Comment resolution log (master log copied to each csprd directory):
http://docs.oasis-open.org/kmip/spec/v1.2/csprd01/KMIP-v1.2-csprd01-pub-rev-comments-final.xlsx

– 30-day public review, Key Management Interoperability Protocol Profiles
Version 1.2, 07 April 2014:
https://lists.oasis-open.org/archives/tc-announce/201404/msg00000.html
– Comment resolution log:
http://docs.oasis-open.org/kmip/profiles/v1.2/csprd01/KMIP-v1.2-csprd01-pub-rev-comments-final.xlsx

– 15-day public review, 09 September 2014:
https://lists.oasis-open.org/archives/members/201409/msg00002.html
– Comment resolution log (master log copied to each csprd directory):
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/csprd02/kmip-sym-key-profile-v1.0-csprd02-comment-resolution-log.txt

– 60-day public review, 17 February 2015:
https://lists.oasis-open.org/archives/members/201502/msg00002.html

[3] Candidate OASIS Standard approval ballots:

– Key Management Interoperability Protocol Specification Version 1.2: https://www.oasis-open.org/committees/ballot.php?id=2729

– Key Management Interoperability Protocol Profiles Version 1.2: https://www.oasis-open.org/committees/ballot.php?id=2730

– KMIP Additional Message Encodings Version 1.0:https://www.oasis-open.org/committees/ballot.php?id=2731

– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2732

– KMIP Symmetric Key Lifecycle Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2733

– KMIP Asymmetric Key Lifecycle Profile Version 1.0://www.oasis-open.org/committees/ballot.php?id=2734

– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2735

– KMIP Tape Library Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2736

– KMIP Cryptographic Services Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2757

– KMIP Suite B Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2758

– KMIP Opaque Managed Object Store Profile Version 1.0: https://www.oasis-open.org/committees/ballot.php?id=2759

[4] Statements of Use:

1. Cryptsoft – https://www.oasis-open.org/apps/org/workgroup/kmip/download.php/54564/KMIP-SOU-Cryptsoft- 14-Nov-2014.pdf

2. IBM – https://www.oasis-open.org/apps/org/workgroup/kmip/email/archives/201412/msg00007.html

3. P6R – https://www.oasis-open.org/apps/org/workgroup/kmip/email/archives/201411/msg00008.html

4. Fortenix – https://www.oasis-open.org/apps/org/workgroup/kmip/email/archives/201501/msg00008.html

5. HP – https://lists.oasis-open.org/archives/kmip-comment/201501/msg00000.html

6. Thales – https://www.oasis-open.org/apps/org/workgroup/kmip/download.php/54913/SOU-Thales_e-Security_2015-01-16_Final.pdf